anafasia

I won’t feel relaxed untill a few weeks pass, but it seems it is solved now. for some days now it seems the unwanted ad is gone. the only change I’ve made was removing Change wp-admin login and placing a beta version they updated -it seems they solved the issue- so appartently the problem came from there, although when deactived no changes were detected by WF-.

it is the second time I solve an infection without knowlodge on these issues, so I’ve been lucky it seems. the first time Google Search Console located the files so it was easy for me to remove then.

this time, your advises restoring WF drove me and was the main lever to reach a solution, so thanks a lot truly for your help.

I have had your beta version installed for a couple of days now and the issue seems to be solved. wordfence scans are back and I have seen till now no further problems. thanks.

thanks a lot,

I have just made the sensitive scan, but no threats are detected.

it was not in the past, but nowadays plugins and wordpress are always updated. there are two plugins WordPress Scheduled Time and ?RSS Image Feed that probably are not updated anymore, but I need to manage the blog.

I have found a user -now deleted- with administrative rights with an address I never use?wpengine, so it seems someone accesed the blog. I have had security issues more than once, but sparsed in time, so I’m not sure if they are related. I’m more inclined to think that wordpress was updated, this somehow caused an incompatibility between WF and WPAdminLogin, scans stopped since 09/08/2023?without me noticing it and someone took advantage to access the site.

I’ll have to look for someone to clean it, I did already consider you option, but I won’t probably be able to afford it, probably I will have to look for some technical guy. anyhow, at first? I want to have a look by myself. I`ll check your links. I have no warnings from Google Search Console and have tried two other links and not malicious code is detected. problably it shows as regular ad from the web. I’m ckecking the last updated files in my theme and plugins. some of them -mainly themes files- I’m forced to change them often so I could locate anything rare there, but till now I have found nothing. there are a lot of files changeg on 09/08/2023, but I suppose this is related to the wordpress update. a bit unlucky because without this, most of the files would be unchanged since before the incident.

thanks,

on one hand it seems you are right. I deactivated Change wp-admin login run another scan and it was completed without problems. no farther issues were found.

I see your point, but I’m not sure what I will do. now I will have to deactivated in order to use WF, but if they solve the incompatibility maybe I will restore it. my web was compromised some time ago so I hired some people and they installed both plugins, although I should say the were not top coders -they almost collapsed my web-.

on the other hand these are good and bad news. for some weeks I’ve been experienced that occasionally some ads are displayed when you click on the web on a new window and I haven’t placed those ads. although I have added recently new companies to manage my ads -mainly banners- these could be a missfunctions related to them, but also I’m afraid someone could have accessed the web and added that script. anyhow I have no warnings form Google Search Console and your scan has not found changes among our archives.

if someone has placed that script, should the scan find it? is there a way to find it in case it exist?

I have the same issue.

wordfence scans don’t work since September in my wordpress site. it responds:

Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.

I have disabled your plugin and the scan by wordfence worked well.

then I have enabled again your plugin and the scan says again;

Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.

thanks, I have just sent you the diagnostic report via email.

capt of the error emailing

unfortunately none of your suggestions worked.

I cannot send you the report by email. when I try it I get an error.

here is the address of the full log:

https://urlis.net/vop82gk8

this are the last lines of the scan:

• [Oct 04 21:02:12] Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.
• [Oct 04 23:58:54] Throttling IP 65.21.35.249. Exceeded the maximum number of requests per minute for crawlers.
• [Oct 05 12:56:44] Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.
• [Oct 05 12:56:46] Scan stop request received.
• [Oct 05 12:56:51] Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.
• [Oct 05 12:57:52] Scan stop request received.
• [Oct 05 12:57:56] Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.
• [Oct 05 12:57:57] Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.
• [Oct 05 12:59:41] Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.
• [Oct 05 13:00:27] Scan stop request received.
• [Oct 05 13:00:30] Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.
• [Oct 05 13:01:29] Attempting to resume scan stage (1 attempt(s) remaining)…
• [Oct 05 13:01:29] Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.
• [Oct 05 13:02:17] Scan stop request received.
• [Oct 05 13:02:23] Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.
• [Oct 05 13:03:23] Attempting to resume scan stage (1 attempt(s) remaining)…
• [Oct 05 13:03:24] Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.
• [Oct 05 13:04:23] Attempting to resume scan stage (0 attempt(s) remaining)…
• [Oct 05 13:04:23] Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.
• [Oct 05 13:04:43] Scan stop request received.
• [Oct 05 13:04:46] Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.
• [Oct 05 13:05:46] Attempting to resume scan stage (1 attempt(s) remaining)…
• [Oct 05 13:05:47] Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.
• [Oct 05 13:06:46] Attempting to resume scan stage (0 attempt(s) remaining)…
• [Oct 05 13:06:46] Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.

and this are the first ones of the full log:

[Oct 05 13:05:46:1696503946.730587:4:info] getMaxExecutionTime() returning config value: 20

[Oct 05 13:05:46:1696503946.729158:4:info] Got value from wf config maxExecutionTime: 20

[Oct 05 13:05:46:1696503946.724480:4:info] Entering start scan routine

[Oct 05 13:05:46:1696503946.721620:2:info] Attempting to resume scan stage (1 attempt(s) remaining)...

[Oct 05 13:04:46:1696503886.385167:4:info] Scan process ended after forking.

[Oct 05 13:04:46:1696503886.373355:1:error] Scan Engine Error: The signature on the request to start a scan is invalid. Please try again.

[Oct 05 13:04:46:1696503886.371813:4:info] Verifying start request signature.

[Oct 05 13:04:46:1696503886.369511:4:info] Scan engine received request.

[Oct 05 13:04:46:1696503886.238079:4:info] Starting cron with normal ajax at URL https://afasiaarchzine.com/wp-admin/admin-ajax.php?action=wordfence_doScan&isFork=0&scanMode=custom&cronKey=50d5b6614ece26fff0a96aa570969d4a&signature=36153f4ad32871a11976433d3efd8d4fe24efc1130946bf7781dfa414a97d78d

[Oct 05 13:04:46:1696503886.229044:4:info] Test result of scan start URL fetch: array ( 'headers' => WpOrg\Requests\Utility\CaseInsensitiveDictionary::__set_state(array( 'data' => array ( 'date' => 'Thu, 05 Oct 2023 11:04:46 GMT', 'server' => 'Apache', 'x-robots-tag' => 'noindex', 'x-content-type-options' => 'nosniff', 'expires' => 'Wed, 11 Jan 1984 05:00:00 GMT', 'cache-control' => 'no-cache, must-revalidate, max-age=0', 'referrer-policy' => 'strict-origin-when-cross-origin', 'x-frame-options' => 'SAMEORIGIN', 'upgrade' => 'h2', 'content-length' => '12', 'content-type' => 'text/html; charset=UTF-8', ), )), 'body' => 'WFSCANTESTOK', 'response' => array ( 'code' => 200, 'message' => 'OK', ), 'cookies' => array ( ), 'filename' => NULL, 'http_response' => WP_HTTP_Requests_Response::__set_state(array( 'response' => WpOrg\Requests\Response::__set_state(array( 'body' => 'WFSCANTESTOK', 'raw' =>

[Oct 05 13:04:46:1696503886.067623:4:info] getMaxExecutionTime() returning config value: 20

[Oct 05 13:04:46:1696503886.066280:4:info] Got value from wf config maxExecutionTime: 20

[Oct 05 13:04:46:1696503886.056844:4:info] Entering start scan routine

[Oct 05 13:04:46:1696503886.051435:4:info] Ajax request received to start scan.

[Oct 05 13:04:43:1696503883.287461:10:info] SUM_KILLED:A request was received to stop the previous scan.

[Oct 05 13:04:43:1696503883.284985:1:info] Scan stop request received.

[Oct 05 13:04:23:1696503863.610603:4:info] Scan process ended after forking.

thanks a lot, Nuno.

I have some missfunctions with your plugin.

I receive from time to time warnings about file changes. I usually remove the files, but probably they are not suspicious ones.

also, in the last month, also from time to time, your plugin dissappears, but not your directories. I have to reinstall your plugin -renaming previously the existing directories- remaining unproctected until I notice the plugin is missing.

thanks, Peter.

yes, I have a custom configuration that I would like to keep -I didn’t configure it-.
when the wordfence folder is empty it can be re-installed smoothly.
the problem is that once re-installed if you rename back the old folder, you get a message saying there’s a mistake whith the header, and the folders are kept but the plug-in is gone.

in the end I have added to functions this code:

//   ====================remove unwanted image sizes=====================
  add_action( 'init', 'remove_image_sizes' );
  function remove_image_sizes() {
      remove_image_size( '825x510' );               // (825 x 510)
      remove_image_size( '1536x1536' );             // 2 x Medium Large (1536 x 1536)
      remove_image_size( '2048x2048' );             // 2 x Large (2048 x 2048)
  }
  
//   ====================end remove unwanted image sizes=====================

and if has worked well. the formats 1536 and 2048 are not uploaded now, apparently.

but it does not work with the size 825×510.
anyone knows what I’m doing wrongly?

ok, good to know. thank a lot.

and happy holydays

thanks a lot. I used Dynamic Widgets for that but it seems it has been discountinued for security issues. I have been testing this afternoon Widget Options and it seem to work fine.

I was a little scared because when adding Top10 to the side column of single posts the load on the server seemed to increase. I have discovered that in General Settings there is an option: Enable Cache –WP Super Cache is installed and working for several years now on my web- and when checked it looks like the server load was reduced.

can I rely in that Enable Cache option to reduce the server load? I assume it retards the time statistics are updated.

thanks a lot for the link. there’s also another page explaining probablhy something similar here, although in Spanish. as soon as I find a moment I will give a try. even if I don’t understand what I should exactly must do, this will help me to know, in case I should need a professional, what I must exactly ask him.

I should say the only needed cropped image in my web is the thumbnail -250×250-. the rest should always be displayed in the same proportion as created. unless a crop should be required in different screens.

old uploads should not be a problem. knowing a format is not required, images are stored in folders by monnths. you only need to find a way to order them by size and remove the unwanted ones. a bit of work but not unmanageable.

• This reply was modified 2 years, 11 months ago by anafasia.